Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
Mike Jones <Michael.Jones@microsoft.com> Wed, 28 February 2018 03:04 UTC
From: Mike Jones <Michael.Jones@microsoft.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, The IESG <iesg@ietf.org>
CC: "draft-ietf-oauth-discovery@ietf.org" <draft-ietf-oauth-discovery@ietf.org>, "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/k88wrf53ubRuUG1HF5UL4fmvNYU>

I believe that the changes in https://tools.ietf.org/html/draft-ietf-oauth-discovery-09 address the DISCUSS and comments. Please review - ideally before the upcoming telechat.

Thanks again,
-- Mike

From: Mike Jones
Sent: Monday, February 26, 2018 11:03 PM
To: The IESG <iesg@ietf.org>; Alexey Melnikov <aamelnikov@fastmail.fm>
Cc: draft-ietf-oauth-discovery@ietf.org; oauth-chairs@ietf.org; oauth@ietf.org
Subject: RE: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)

The attached drafts address the DISCUSSes from Adam and Alexey in the ways proposed. A summary of the changes from -08 is:

* Revised the transformation between the issuer identifier and the authorization server metadata location to conform to BCP 190, as suggested by Adam Roach.
* Defined the characters allowed in registered metadata names and values, as suggested by Alexey Melnikov.
* Changed to using the RFC 8174 boilerplate instead of the RFC 2119 boilerplate, as suggested by Ben Campbell.
* Acknowledged additional reviewers.

I've attached both source and .txt versions to facilitate comparison to -08. Unless I hear additional suggestions for improvements by my end of business Tuesday, I'll plan to publish this as -09.

Thanks all,
-- Mike

From: Mike Jones
Sent: Sunday, January 28, 2018 7:23 AM
To: The IESG <iesg@ietf.org>; Alexey Melnikov <aamelnikov@fastmail.fm>
Cc: draft-ietf-oauth-discovery@ietf.org; oauth-chairs@ietf.org; oauth@ietf.org
Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)

Your understanding matches with the intent of the language from RFC 7638. I'll plan to proceed on that basis then.

Thanks again,
-- Mike

From: Alexey Melnikov
Sent: Sunday, January 28, 7:04 AM
Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
To: Mike Jones, The IESG
Cc: draft-ietf-oauth-discovery@ietf.org, oauth-chairs@ietf.org, oauth@ietf.org

Hi Mike,

On Wed, Jan 24, 2018, at 10:11 PM, Mike Jones wrote:
> Thanks for the useful review, Alexey. I propose that we use the same
> character restrictions that are described in
> https://tools.ietf.org/html/rfc7638#section-6, which are:
>
> (a) require that member names being registered use
> only printable ASCII characters excluding double quote ('"') and
> backslash ('\') (the Unicode characters with code points U+0021,
> U+0023 through U+005B, and U+005D through U+007E),

This looks reasonable.

> or
>
> (b) if new members are defined that use other code
> points, require that their definitions specify the exact Unicode code
> point sequences used to represent them. Furthermore, proposed
> registrations that use Unicode code points that can only be
> represented in JSON strings as escaped characters must not be
> accepted.

So just to double check: it is Ok to register names in Greek or Cyrillic (for example) and they will be compared in a case sensitive manner?

> I also propose that we say that member name comparison occurs in the
> manner described in https://tools.ietf.org/html/rfc7159#section-8.3.

My understanding is that RFC 7159 recommends case-sensitive comparison and that is fine with me.

> Will that work for you, Alexey?

Best Regards,
Alexey

>
> Thanks,
> -- Mike
>
> -----Original Message-----
> From: Alexey Melnikov [mailto:aamelnikov@fastmail.fm]
> Sent: Wednesday, January 24, 2018 12:06 AM
> To: The IESG
> Cc: draft-ietf-oauth-discovery@ietf.org; Hannes Tschofenig
> ; oauth-chairs@ietf.org;
> Hannes.Tschofenig@gmx.net; oauth@ietf.org
> Subject: Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08:
> (with DISCUSS and COMMENT)
>
> Alexey Melnikov has entered the following ballot position for
> draft-ietf-oauth-discovery-08: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-discovery/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Thank you for the well written IANA Considerations section. I have one
> comment on it which should be easy to resolve:
>
> The document doesn't seem to say anything about allowed characters in
> Metadata names. When the document talks about "case-insensitive
> matching", it is not clear how to implement the matching, because it is
> not clear whether or not Metadata names are ASCII only. If they are not,
> then you need to better define what "case insensitive" means.
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> I am agreeing with Adam's DISCUSS.
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
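
The registration rules (a) and (b) and the comparison rule discussed in this thread can be sketched as follows; this is an added example, not code from the thread, the draft, or any registry tooling. The function names, the sample names, and the decision to reject an empty name are assumptions made for illustration.

```python
import json
import unicodedata

def must_be_escaped(ch: str) -> bool:
    # In a JSON string only '"', '\' and U+0000-U+001F cannot appear unescaped.
    return ch in '"\\' or ord(ch) <= 0x1F

def is_rule_a(name: str) -> bool:
    # Rule (a): U+0021, U+0023 through U+005B, U+005D through U+007E.
    return all(cp == 0x21 or 0x23 <= cp <= 0x5B or 0x5D <= cp <= 0x7E
               for cp in map(ord, name))

def classify(name: str) -> str:
    """Classify a proposed member name against rules (a) and (b)."""
    if not name or any(must_be_escaped(ch) for ch in name):
        return "reject"                      # empty-name rejection is an assumption
    if is_rule_a(name):
        return "accept"
    return "needs-exact-code-points"         # rule (b): registrant must list them

def code_points(name: str) -> str:
    # The exact sequence a rule (b) registration would have to spell out.
    return " ".join(f"U+{ord(ch):04X}" for ch in name)

def names_equal(json_a: str, json_b: str) -> bool:
    # Unescape first, then compare code point by code point:
    # no case folding and no Unicode normalization.
    return json.loads(json_a) == json.loads(json_b)

# Constructed sample names, not taken from any registry.
NFC = unicodedata.normalize("NFC", "caf\u00e9")
NFD = unicodedata.normalize("NFD", "caf\u00e9")
SAMPLES = ["issuer", "token_endpoint", 'bad"name', "tab\tname",
           "two words", "εκδότης", NFC, NFD]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:20} {classify(s):26} {code_points(s)}")
    print(names_equal('"a\\u0062c"', '"abc"'))            # escaped vs. literal form
    print(names_equal('"Issuer"', '"issuer"'))            # case matters
    print(names_equal(json.dumps(NFC), json.dumps(NFD)))  # look alike, differ
```

The two renderings of the last sample look identical on screen but consist of different code point sequences, which is why rule (b) asks registrants to state the exact sequence.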